feat: 更新 v3.10.9

wojiushixiaobai · Apr 25, 2024 · 9634d33 · 9634d33
1 parent 9b375d5
commit 9634d33
Show file tree

Hide file tree

Showing 17 changed files with 247 additions and 167 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -97,7 +97,7 @@ jobs:
       - name: Generate poetry.lock
         if: matrix.component == 'core'
         run: |
-          wget https://github.com/jumpserver/jumpserver/raw/${{ env.version }}/pyproject.toml
+          wget --quiet https://github.com/jumpserver/jumpserver/raw/${{ env.version }}/pyproject.toml
           sed -i 's@^cython =@# cython =@g' pyproject.toml
           sed -i 's@^certifi =@# certifi =@g' pyproject.toml
           sed -i 's@^cffi =@# cffi =@g' pyproject.toml
@@ -109,6 +109,27 @@ jobs:
           poetry source remove tsinghua
           poetry source add --priority=primary PyPI
           poetry lock --no-update
+      
+      - name: Cache
+        uses: actions/cache@v3
+        id: cache
+        with:
+          path: |
+            var-cache-apt
+            var-lib-apt
+            pypi-cache
+          key: cache-${{ matrix.component }}
+
+      - name: inject cache into docker
+        uses: reproducible-containers/buildkit-cache-dance@v3.1.0
+        with:
+          cache-map: |
+            {
+              "var-cache-apt": "/var/cache/apt",
+              "var-lib-apt": "/var/lib/apt",
+              "pypi-cache": "/root/.cache"
+            }
+          skip-extraction: ${{ steps.cache.outputs.cache-hit }}
 
       - name: Login to Docker Hub
         uses: docker/login-action@v3

diff --git a/.github/workflows/core.yml b/.github/workflows/core.yml
@@ -0,0 +1,97 @@
+
+on:
+  schedule:
+    - cron: '0 1 * * *'
+
+name: Core for Stable Release Version
+
+jobs:
+  core-build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        component: [core]
+    steps:
+      - name: Free Disk Space (Ubuntu)
+        uses: jlumbroso/free-disk-space@main
+        with:
+          tool-cache: true
+          android: true
+          dotnet: true
+          haskell: true
+          large-packages: true
+          docker-images: true
+          swap-storage: true
+
+      - uses: actions/checkout@v4
+      - uses: docker/setup-qemu-action@v3
+      - uses: docker/setup-buildx-action@v3
+      - uses: actions/setup-python@v4
+        if: matrix.component == 'core'
+        with:
+          python-version: 3.11
+
+      - uses: abatilo/actions-poetry@v2
+        if: matrix.component == 'core'
+
+      - name: Get Version
+        run: |
+          echo "version=$(curl -s https://github.com/gitapi/repos/jumpserver/jumpserver/releases/latest | jq -r .tag_name)" >> $GITHUB_ENV
+
+      - name: Generate poetry.lock
+        if: matrix.component == 'core'
+        run: |
+          wget --quiet https://github.com/jumpserver/jumpserver/raw/dev/pyproject.toml
+          sed -i 's@^cython =@# cython =@g' pyproject.toml
+          sed -i 's@^certifi =@# certifi =@g' pyproject.toml
+          sed -i 's@^cffi =@# cffi =@g' pyproject.toml
+          sed -i 's@^idna =@# idna =@g' pyproject.toml
+          sed -i 's@^urllib3 =@# urllib3 =@g' pyproject.toml
+          sed -i 's@^cryptography =@# cryptography =@g' pyproject.toml
+          sed -i 's@^COPY --from=stage-1 /opt/jumpserver/poetry.lock /opt/jumpserver/pyproject.toml@ADD poetry.lock pyproject.toml@g' core/Dockerfile
+          poetry config virtualenvs.create false
+          poetry source remove tsinghua
+          poetry source add --priority=primary PyPI
+          poetry lock --no-update
+
+      - name: Cache
+        uses: actions/cache@v3
+        id: cache
+        with:
+          path: |
+            var-cache-apt
+            var-lib-apt
+            pypi-cache
+          key: cache-${{ matrix.component }}
+
+      - name: inject cache into docker
+        uses: reproducible-containers/buildkit-cache-dance@v3.1.0
+        with:
+          cache-map: |
+            {
+              "var-cache-apt": "/var/cache/apt",
+              "var-lib-apt": "/var/lib/apt",
+              "pypi-cache": "/root/.cache"
+            }
+          skip-extraction: ${{ steps.cache.outputs.cache-hit }}
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and Push Image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          provenance: false
+          file: ${{ matrix.component }}/Dockerfile
+          platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/s390x
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository_owner }}/jms_${{ matrix.component }}:buildcache
+          outputs: type=image,oci-mediatypes=true,compression=zstd,compression-level=3,force-compression=true
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/README.md b/README.md
@@ -56,7 +56,7 @@ vi .env
 ```
 ```vim
 # 版本号可以自己根据项目的版本修改
-VERSION=v3.10.8
+VERSION=v3.10.9
 
 # 构建参数, 支持 amd64/arm64/ppc64le/s390x...
 TARGETARCH=amd64

diff --git a/README_EN.md b/README_EN.md
@@ -56,7 +56,7 @@ vi .env
 ```
 ```vim
 # You can modify the version number according to the project version
-VERSION=v3.10.8
+VERSION=v3.10.9
 
 # Build parameters, support amd64/arm64/loong64
 TARGETARCH=amd64

diff --git a/allinone/Dockerfile b/allinone/Dockerfile
@@ -1,9 +1,10 @@
 FROM redis:7.0-bookworm as redis
 FROM jumpserver/guacd:1.5.5-bookworm as guacd
-FROM wojiushixiaobai/jms_core:v3.10.8
+FROM wojiushixiaobai/jms_core:v3.10.9
 ARG TARGETARCH
 
 ARG TOOLS="                           \
+        bash-completion               \
         curl                          \
         default-mysql-client          \
         nginx                         \
@@ -12,7 +13,7 @@ ARG TOOLS="                           \
         supervisor                    \
         wget"
 
-RUN set -ex \
+RUN set -e \
     && apt-get update \
     && apt-get -y install --no-install-recommends ${TOOLS} \
     && mkdir -p /var/cache/nginx \
@@ -22,19 +23,19 @@ RUN set -ex \
 WORKDIR /opt
 
 ARG MONGOSH_VERSION=1.10.6
-RUN set -ex \
+RUN set -e \
     && \
     case "${TARGETARCH}" in \
         amd64) \
-            wget https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-x64.tgz \
+            wget --quiet https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-x64.tgz \
             && tar -xf mongosh-${MONGOSH_VERSION}-linux-x64.tgz \
             && chown root:root mongosh-${MONGOSH_VERSION}-linux-x64/bin/* \
             && mv mongosh-${MONGOSH_VERSION}-linux-x64/bin/mongosh /usr/local/bin/ \
             && mv mongosh-${MONGOSH_VERSION}-linux-x64/bin/mongosh_crypt_v1.so /usr/local/lib/ \
             && rm -rf mongosh-${MONGOSH_VERSION}-linux-x64* \
             ;; \
         arm64|s390x|ppc64le) \
-            wget https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}.tgz \
+            wget --quiet https://downloads.mongodb.com/compass/mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}.tgz \
             && tar -xf mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}.tgz \
             && chown root:root mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}/bin/* \
             && mv mongosh-${MONGOSH_VERSION}-linux-${TARGETARCH}/bin/mongosh /usr/local/bin/ \
@@ -48,22 +49,22 @@ RUN set -ex \
 
 ARG HELM_VERSION=v3.14.3
 ARG KUBECTL_VERSION=v1.29.3
-RUN set -ex \
-    && wget -O /usr/local/bin/rawkubectl https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/${TARGETARCH}/kubectl \
-    && wget http://download.jumpserver.org/public/kubectl_aliases.tar.gz \
+RUN set -e \
+    && wget --quiet -O /usr/local/bin/rawkubectl https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/${TARGETARCH}/kubectl \
+    && wget --quiet http://download.jumpserver.org/public/kubectl_aliases.tar.gz \
     && mkdir /opt/kubectl-aliases/ \
     && tar -xf kubectl_aliases.tar.gz -C /opt/kubectl-aliases/ \
     && chown -R root:root /opt/kubectl-aliases/ \
-    && wget https://get.helm.sh/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz \
+    && wget --quiet https://get.helm.sh/helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz \
     && tar -xf helm-${HELM_VERSION}-linux-${TARGETARCH}.tar.gz -C /opt --strip-components=1 linux-${TARGETARCH}/helm \
     && mv helm /usr/local/bin/rawhelm \
     && chmod 755 /usr/local/bin/rawhelm /usr/local/bin/rawkubectl \
     && chown root:root /usr/local/bin/rawhelm /usr/local/bin/rawkubectl \
     && rm -f /opt/*.tar.gz
 
 ARG WISP_VERSION=v0.1.19
-RUN set -ex \
-    && wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \
+RUN set -e \
+    && wget --quiet https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \
     && tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ --strip-components=1 \
     && chown root:root /usr/local/bin/wisp \
     && chmod 755 /usr/local/bin/wisp \
@@ -80,7 +81,7 @@ ARG RUNTIME_DEPENDENCIES="            \
 
 COPY --from=guacd ${PREFIX_DIR} ${PREFIX_DIR}
 
-RUN set -ex \
+RUN set -e \
     && apt-get update \
     && apt-get install -y --no-install-recommends $RUNTIME_DEPENDENCIES \
     && apt-get install -y --no-install-recommends $(cat "${PREFIX_DIR}"/DEPENDENCIES) \
@@ -89,48 +90,48 @@ RUN set -ex \
 
 COPY --from=redis /usr/local/bin/redis-cli /usr/local/bin/redis-cli
 
-RUN set -ex \
+RUN set -e \
     && mkdir -p /opt/koko \
-    && wget https://github.com/jumpserver/koko/releases/download/${VERSION}/koko-${VERSION}-linux-${TARGETARCH}.tar.gz \
+    && wget --quiet https://github.com/jumpserver/koko/releases/download/${VERSION}/koko-${VERSION}-linux-${TARGETARCH}.tar.gz \
     && tar -xf koko-${VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/koko/ --strip-components=1 \
     && mv /opt/koko/kubectl /usr/local/bin/ \
     && mv /opt/koko/helm /usr/local/bin/ \
     && chmod 755 /usr/local/bin/helm /usr/local/bin/kubectl /opt/koko/init-kubectl.sh \
     && chown root:root /usr/local/bin/helm /usr/local/bin/kubectl \
     && rm -f /opt/*.tar.gz
 
-RUN set -ex \
+RUN set -e \
     && mkdir -p /opt/lion \
-    && wget https://github.com/jumpserver/lion-release/releases/download/${VERSION}/lion-${VERSION}-linux-${TARGETARCH}.tar.gz \
+    && wget --quiet https://github.com/jumpserver/lion-release/releases/download/${VERSION}/lion-${VERSION}-linux-${TARGETARCH}.tar.gz \
     && tar -xf lion-${VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/lion --strip-components=1 \
     && chown -R root:root /opt/lion \
     && rm -f /opt/*.tar.gz
 
-RUN set -ex \
+RUN set -e \
     && mkdir -p /opt/kael \
-    && wget https://github.com/jumpserver/kael/releases/download/${VERSION}/kael-${VERSION}-linux-${TARGETARCH}.tar.gz \
+    && wget --quiet https://github.com/jumpserver/kael/releases/download/${VERSION}/kael-${VERSION}-linux-${TARGETARCH}.tar.gz \
     && tar -xf kael-${VERSION}-linux-${TARGETARCH}.tar.gz -C /opt/kael --strip-components=1 \
     && chmod 755 /opt/kael/kael \
     && chown -R root:root /opt/kael \
     && rm -f /opt/*.tar.gz
 
-RUN set -ex \
+RUN set -e \
     && mkdir -p /opt/chen \
-    && wget https://github.com/jumpserver/chen-release/releases/download/${VERSION}/chen-${VERSION}.tar.gz \
+    && wget --quiet https://github.com/jumpserver/chen-release/releases/download/${VERSION}/chen-${VERSION}.tar.gz \
     && tar -xf chen-${VERSION}.tar.gz -C /opt/chen --strip-components=1 \
     && chown -R root:root /opt/chen \
     && rm -f /opt/*.tar.gz
 
-RUN set -ex \
+RUN set -e \
     && mkdir -p /opt/lina \
-    && wget https://github.com/jumpserver/lina/releases/download/${VERSION}/lina-${VERSION}.tar.gz \
+    && wget --quiet https://github.com/jumpserver/lina/releases/download/${VERSION}/lina-${VERSION}.tar.gz \
     && tar -xf lina-${VERSION}.tar.gz -C /opt/lina --strip-components=1 \
     && chown -R root:root /opt/lina \
     && rm -f /opt/*.tar.gz
 
-RUN set -ex \
+RUN set -e \
     && mkdir -p /opt/luna \
-    && wget https://github.com/jumpserver/luna/releases/download/${VERSION}/luna-${VERSION}.tar.gz \
+    && wget --quiet https://github.com/jumpserver/luna/releases/download/${VERSION}/luna-${VERSION}.tar.gz \
     && tar -xf luna-${VERSION}.tar.gz -C /opt/luna --strip-components=1 \
     && chown -R root:root /opt/luna \
     && rm -f /opt/*.tar.gz

diff --git a/allinone/README.md b/allinone/README.md
@@ -103,7 +103,7 @@ docker run --name jms_all -d \
   -v /opt/jumpserver/kael/data:/opt/kael/data \
   -v /opt/jumpserver/chen/data:/opt/chen/data \
   -v /opt/jumpserver/web/log:/var/log/nginx \
-  wojiushixiaobai/jms_all:v3.10.8
+  wojiushixiaobai/jms_all:v3.10.9
 ```
 
 **升级**
@@ -119,7 +119,7 @@ mysqldump -h$DB_HOST -p$DB_PORT -u$DB_USER -p$DB_PASSWORD $DB_NAME > /opt/jumpse
 # 例: mysqldump -h192.168.100.11 -p3306 -ujumpserver -pnu4x599Wq7u0Bn8EABh3J91G jumpserver > /opt/jumpserver-v2.12.0.sql
 
 # 拉取新版本镜像
-docker pull wojiushixiaobai/jms_all:v3.10.8
+docker pull wojiushixiaobai/jms_all:v3.10.9
 
 # 删掉旧版本容器
 docker rm jms_all
@@ -147,4 +147,4 @@ docker run --name jms_all -d \
   -v /opt/jumpserver/kael/data:/opt/kael/data \
   -v /opt/jumpserver/chen/data:/opt/chen/data \
   -v /opt/jumpserver/web/log:/var/log/nginx \
-  wojiushixiaobai/jms_all:v3.10.8
+  wojiushixiaobai/jms_all:v3.10.9
diff --git a/allinone/readme.txt b/allinone/readme.txt
@@ -11,4 +11,4 @@ The Installation is Complete.
   ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║     ███████║███████╗██║  ██║ ╚████╔╝ ███████╗██║  ██║
    ╚════╝  ╚═════╝ ╚═╝     ╚═╝╚═╝     ╚══════╝╚══════╝╚═╝  ╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝
 
-                                                                   VERSION: v3.10.8
+                                                                   VERSION: v3.10.9
diff --git a/chen/Dockerfile b/chen/Dockerfile
@@ -5,7 +5,7 @@ ARG DEPENDENCIES="                    \
         ca-certificates               \
         wget"
 
-RUN set -ex \
+RUN set -e \
     && apt-get update \
     && apt-get -y install --no-install-recommends ${DEPENDENCIES} \
     && echo "no" | dpkg-reconfigure dash \
@@ -15,30 +15,30 @@ RUN set -ex \
 WORKDIR /opt
 
 ARG CHECK_VERSION=v1.0.2
-RUN set -ex \
-    && wget https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
+RUN set -e \
+    && wget --quiet https://github.com/jumpserver-dev/healthcheck/releases/download/${CHECK_VERSION}/check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
     && tar -xf check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz \
     && mv check /usr/local/bin/ \
     && chown root:root /usr/local/bin/check \
     && chmod 755 /usr/local/bin/check \
     && rm -f check-${CHECK_VERSION}-linux-${TARGETARCH}.tar.gz
 
 ARG WISP_VERSION=v0.1.19
-RUN set -ex \
-    && wget https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \
+RUN set -e \
+    && wget --quiet https://github.com/jumpserver/wisp/releases/download/${WISP_VERSION}/wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz \
     && tar -xf wisp-${WISP_VERSION}-linux-${TARGETARCH}.tar.gz -C /usr/local/bin/ --strip-components=1 \
     && chown root:root /usr/local/bin/wisp \
     && chmod 755 /usr/local/bin/wisp \
     && rm -f /opt/*.tar.gz
 
 WORKDIR /opt/chen
 
-ARG VERSION=v3.10.8
+ARG VERSION=v3.10.9
 ENV VERSION=${VERSION}
 
-RUN set -ex \
+RUN set -e \
     && cd /opt \
-    && wget https://github.com/jumpserver/chen-release/releases/download/${VERSION}/chen-${VERSION}.tar.gz \
+    && wget --quiet https://github.com/jumpserver/chen-release/releases/download/${VERSION}/chen-${VERSION}.tar.gz \
     && tar -xf chen-${VERSION}.tar.gz -C /opt/chen --strip-components=1 \
     && chown -R root:root /opt/chen \
     && rm -f /opt/*.tar.gz
@@ -53,7 +53,7 @@ ARG DEPENDENCIES="                    \
         ca-certificates               \
         openjdk-17-jre-headless"
 
-RUN set -ex \
+RUN set -e \
     && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
     && apt-get update \
     && apt-get install -y --no-install-recommends ${DEPENDENCIES} \
@@ -69,7 +69,7 @@ COPY --from=stage-1 /opt/chen /opt/chen
 
 WORKDIR /opt/chen
 
-ARG VERSION=v3.10.8
+ARG VERSION=v3.10.9
 ENV VERSION=${VERSION}
 
 VOLUME /opt/chen/data